What makes an AI system 'high-risk'?
The EU AI Act reserves its most demanding obligations for 'high-risk' AI. There are two routes into the category. The first is Annex III: a system is high-risk if it is intended to be used in one of eight listed domains — biometrics; critical infrastructure; education and vocational training; employment, worker management and access to self-employment; access to essential private and public services (including creditworthiness and life/health insurance); law enforcement; migration, asylum and border control; and the administration of justice and democratic processes.
The second route is Annex I: a system that is itself a product, or a safety component of a product, already covered by EU harmonisation legislation (medical devices, machinery, toys, vehicles, lifts and more) and required to undergo third-party conformity assessment. If either route applies, you are looking at the full high-risk regime under Article 6(2).
- Annex III, §1 — Biometrics (remote identification, categorisation, emotion recognition)
- Annex III, §2 — Critical infrastructure (safety components for digital, traffic, utilities)
- Annex III, §3 — Education and vocational training
- Annex III, §4 — Employment, worker management and access to self-employment
- Annex III, §5 — Access to essential services, including credit scoring and insurance pricing
- Annex III, §6–§8 — Law enforcement, migration/border control, justice and democracy
The Article 6(3) exception — and when you can't use it
Annex III is not an automatic life sentence. Article 6(3) lets you treat a system as not high-risk if it does not pose a significant risk of harm to health, safety or fundamental rights — including by not materially influencing the outcome of decision-making. To claim it, the system must meet at least one of four conditions: it performs a narrow procedural task; it improves the result of a previously completed human activity; it detects decision-making patterns without replacing or influencing human assessment; or it performs a preparatory task to an assessment.
There is a hard carve-out from the carve-out: if the system performs profiling of natural persons, it is always high-risk. And the exception is not a quiet internal decision — you must document the assessment before placing the system on the market, and register it in the EU database. Veritome's classification wizard runs all four criteria as individually argued questions and keeps the reasoning as a re-openable record.
Provider obligations: the core build (Articles 9–15)
If you build a high-risk system or place it on the market under your own name, you are the provider, and the heart of your obligations lives in Articles 9 to 15. These are design-and-evidence duties: you cannot bolt them on at the end.
- Art. 9 — Establish, document and maintain a risk management system across the lifecycle, with a residual-risk sign-off.
- Art. 10 — Data governance: training, validation and test data that is relevant, representative and checked for bias.
- Art. 11 + Annex IV — Draw up the technical documentation before go-live and keep it current.
- Art. 12 — Automatic logging of events over the system's lifetime for traceability.
- Art. 13 — Transparency and instructions for use (the IFU) handed to deployers.
- Art. 14 — Human oversight designed in, with the ability to intervene and stop the system.
- Art. 15 — Appropriate accuracy, robustness and cybersecurity.
Prove it and register it (Articles 17, 43, 47–49)
Building the system is only half the job; the Act requires you to demonstrate conformity and put the system on the public record.
- Art. 17 — Operate a quality management system that governs how all of the above is produced and maintained.
- Art. 43 — Carry out the conformity assessment (internal control under Annex VI for most Annex III systems; third-party via a notified body for some).
- Art. 47 — Draw up the EU Declaration of Conformity.
- Art. 48 — Affix the CE marking.
- Art. 49 — Register the system (and, for certain deployers, their use of it) in the EU database before it is placed on the market or put into service.
Veritome generates the Annex IV technical file, the Declaration of Conformity and a pre-filled Annex VIII registration sheet from the same underlying records, so the conformity story is consistent end to end.
Deployer obligations (Article 26) — and the FRIA (Article 27)
Using a third-party high-risk system in a professional capacity makes you a deployer, with your own obligations under Article 26: use the system in line with the instructions, assign competent human oversight, keep the logs, monitor operation, and inform affected workers and their representatives where relevant.
Some deployers go further. Public bodies, private operators providing public services, and deployers of certain Annex III §5 systems (creditworthiness and life/health insurance) must complete a Fundamental Rights Impact Assessment under Article 27 before first use — see our dedicated FRIA guide for the step-by-step.
After go-live: monitoring, incidents and the deadline
Conformity is a state you maintain, not a certificate you frame. Article 72 requires a post-market monitoring plan that actively tracks performance in the field. Article 73 requires serious incidents to be reported to the market surveillance authority within 15 days of awareness — and faster for the gravest cases (2 days for widespread infringements; 10 days following a death).
The clock is real. The full high-risk regime becomes enforceable on 2 December 2027, moved from August 2026 by the 2026 Digital Omnibus. That is enough time to build a defensible posture — but only if classification, documentation and oversight start now rather than in Q4.